[Bug] bundled CA root certificates not found in production #85
Description
This is not working for me in production (works fine in development before bunding):
This project bundles and uses CA root certificates from the python-ceritfi project.
Error:
Connecting to Pub/Sub API
Failed to connect Error: Failed to connect to Pub/Sub API
at PubSubApiClient.connect (file:///path/.output/server/_libs/salesforce-pubsub-api-client.mjs:17403:10)
at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
... 5 lines matching cause stack trace ...
at async file:///path/.output/server/_libs/@orpc/client.mjs:676:36
at async file:///path/.output/server/_libs/@orpc/client.mjs:103:20
at async file:///path/.output/server/_libs/@orpc/client.mjs:678:12 {
[cause]: Error: ENOENT: no such file or directory, open '/path/.output/server/_libs/cacert-2ebcb9e8.pem'
at Object.openSync (node:fs:560:18)
at Object.readFileSync (node:fs:444:35)
at PubSubApiClient.connect (file:///path/.output/server/_libs/salesforce-pubsub-api-client.mjs:17387:24)
The application is a simple Tanstack Start + vite + nitro project.
import { defineConfig } from "vite";
import tailwindcss from "@tailwindcss/vite";
import tsConfigPaths from "vite-tsconfig-paths";
import { tanstackStart } from "@tanstack/react-start/plugin/vite";
import { nitro } from "nitro/vite";
import viteReact from "@vitejs/plugin-react";
export default defineConfig({
plugins: [
tailwindcss(),
tsConfigPaths(),
tanstackStart(),
nitro(),
viteReact(),
],
});The command used after building is
node .output/server/index.mjs
I assume the issue is with this part here, which doesn't seem very portable:
pub-sub-api-node-client/src/client.js
Lines 146 to 150 in 66e2d5d
If we attempt to patch this with a hack:
cp ./node_modules/salesforce-pubsub-api-client/dist/*.pem .output/server/_libs/
There is still the issue of fs being null:
Connecting to Pub/Sub API
Failed to connect Error: Failed to connect to Pub/Sub API
at PubSubApiClient.connect (file:///path/.output/server/_libs/salesforce-pubsub-api-client.mjs:17403:10)
at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
... 2 lines matching cause stack trace ...
at async file:///path/.output/server/_libs/@orpc/client.mjs:155:19
at async file:///path/.output/server/_libs/@orpc/client.mjs:103:20
at async file:///path/.output/server/_libs/@orpc/client.mjs:678:12
at async file:///path/.output/server/_libs/@orpc/client.mjs:676:36
at async file:///path/.output/server/_libs/@orpc/client.mjs:103:20
at async file:///path/.output/server/_libs/@orpc/client.mjs:678:12 {
[cause]: TypeError: Cannot read properties of null (reading 'readFileSync')
at fetch$1 (file:///path/.output/server/_libs/@grpc/grpc-js.mjs:6263:25)
at Root$3.load$3 [as load] (file:///path/.output/server/_libs/@grpc/grpc-js.mjs:6287:115)
at Root$3.loadSync$2 [as loadSync] (file:///path/.output/server/_libs/@grpc/grpc-js.mjs:6297:15)
at loadProtosWithOptionsSync (file:///path/.output/server/_libs/@grpc/grpc-js.mjs:8818:29)
at Object.loadSync (file:///path/.output/server/_libs/@grpc/grpc-js.mjs:9772:73)
at PubSubApiClient.connect (file:///path/.output/server/_libs/salesforce-pubsub-api-client.mjs:17389:44)
at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
at async initPubsub (file:///path/.output/server/_ssr/router-BHZW07Zt.mjs:196:3)
at async Object.handler (file:///path/.output/server/_ssr/router-BHZW07Zt.mjs:223:2)
at async file:///path/.output/server/_libs/@orpc/client.mjs:155:19
}
which this time is caused by the @grpc/proto-loader dependency:
pub-sub-api-node-client/src/client.js
Line 156 in 66e2d5d
Can any of these behaviour be opt-out and for the certs to be provided manually?